
TryHackMe: Volt Typhoon
This TryHackMe room is a challenge-based DFIR scenario simulating a real-world intrusion by the APT group Volt Typhoon. Designed for SOC L2/L3 analysts and DFIR practitioners, it focuses on detecti...
This TryHackMe room is a walkthrough-style DFIR training module designed to help analysts investigate advanced attack scenarios where threat actors attempt to cover their tracks by wiping Windows S...
In this walkthrough, we’ll focus on forensic artefacts in macOS, their locations, and how they aid in investigations. Learning Objectives: Identify forensic artefacts in macOS. Locate these ar...
In this walkthrough, two methods for analyzing a malicious traffic capture (traffic.pcapng) associated with the Havoc Command and Control (C2) framework are explored. The goal is to extract critica...
This TryHackMe room is a hands-on training module focused on teaching red teamers how to build custom tools and exploits using Python. Designed for offensive security professionals, the room walks ...
This TryHackMe room is a walkthrough-style training module designed to guide SOC Level 1 (L1) analysts through essential post-triage procedures. It focuses on three critical areas: alert reporting,...